Preserving configs during upgrades vs flash_keep

One month ago I had the brilliant idea to split my unbound_srv.conf into subfiles to be included and now, after the upgrade, the wretched thing went into a crash loop. Because of course... I had completely forgotten to include the split files in the backup :frowning:

Now I will finally edit /etc/sysupgrade.conf and I have some minor doubts:

  • what is the role of the "config extern flash_keep" section in /etc/config/luci? Any relations to sysupgrade?
  • if /etc/unbound/root.hints is already listed here, or if I add the whole /etc/unbound directory, do I still need to run this before upgrade?
    echo "/etc/unbound/root.hints" >> /lib/upgrade/keep.d/unbound
  • since I had NOT listed the whole /etc/unbound directory in sysupgrade, how does the system know that unbound_ext.conf and unbound_srv.conf have to be saved? Those were indeed in the backup, unlike the split files to be included

I've never noticed that luci config entry before, looks like it was added 12 years ago and might be legacy baggage at this point.

You probably shouldn't mess with the keep.d files, those are provided and overwritten by the packages to which they are related, providing the default list of files to back up. The sanctioned means for augmenting backups is just to add things to /etc/sysupgrade.conf, which is processed at the same time (see /sbin/sysupgrade, search for both keep.d and sysupgrade.conf).

The entries in sysupgrade.conf may be either whole directories, or individual files, so if you need all of /etc/unbound, then that's easy. But! Beware that backing up whole directories is somewhat dangerous, as it can overwrite package-supplied file updates and cause issues.

Your best friend is sysupgrade -l for all of this: modify the .conf file, run that command through grep to confirm what you're looking for is there and no extra stuff that will cause you grief down the line.
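
The check described in the post above, as an added example that is not part of the thread: it compares a saved `sysupgrade -l` listing against the paths you expect to keep, and flags unexpected entries under a directory. The sample list is constructed, and the `unbound_srv-local.conf` and `.bak` file names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread. On the router: sysupgrade -l > /tmp/keep.list
# A constructed list stands in for that output here so the script runs offline.

# missing_from_list LIST PATH...: print expected paths absent from LIST; return 1 if any.
missing_from_list() {
    list=$1; shift
    rc=0
    for p in "$@"; do
        # -x/-F: whole-line literal match, so foo.conf does not match foo.conf.bak
        if ! grep -qxF -- "$p" "$list"; then
            printf '%s\n' "$p"
            rc=1
        fi
    done
    return "$rc"
}

# extras_under LIST DIR PATH...: print files listed under DIR that are not
# among the expected paths (the "extra stuff" a whole-directory entry drags in).
extras_under() {
    list=$1; dir=$2; shift 2
    while IFS= read -r f; do
        case $f in "$dir"/*) ;; *) continue ;; esac
        keep=0
        for p in "$@"; do
            if [ "$f" = "$p" ]; then keep=1; fi
        done
        if [ "$keep" -eq 0 ]; then printf '%s\n' "$f"; fi
    done < "$list"
}

# Constructed sample list; the -local and .bak file names are hypothetical.
LIST=$(mktemp)
cat > "$LIST" <<'EOF'
/etc/config/unbound
/etc/unbound/unbound.conf
/etc/unbound/unbound_ext.conf
/etc/unbound/unbound_srv.conf
/etc/unbound/root.hints
/etc/unbound/unbound_srv.conf.bak
EOF

echo "missing from backup:"
missing_from_list "$LIST" /etc/unbound/unbound_srv.conf \
    /etc/unbound/unbound_srv-local.conf || true
echo "unexpected under /etc/unbound:"
extras_under "$LIST" /etc/unbound /etc/unbound/unbound.conf \
    /etc/unbound/unbound_ext.conf /etc/unbound/unbound_srv.conf /etc/unbound/root.hints
```

A non-zero return from `missing_from_list` is a reason to stop before flashing; anything printed by `extras_under` is a candidate for a narrower entry in /etc/sysupgrade.conf.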

I got the tip from @mk24 here in the forum but it may be outdated now.

The "sysupgrade -l" command looks useful, thanks. Adding to my checklist.
I have added just "/etc/unbound/unbound_srv-*.conf" besides root.hints, to avoid including the whole directory.

EDIT: interestingly enough, unbound does not have an entry under /lib/upgrade/keep.d ... so appending was a conservative choice, not a necessity

Config is apparently only saved for the unbound-daemon package:

And that gets sucked in via any of the packages that depend on it:

$ apk query --format yaml --fields name,reverse-depends unbound-daemon
# 1 items
- name: unbound-daemon
  reverse-depends:
    - luci-app-unbound
    - unbound-checkconf
    - unbound-control
    - unbound-anchor

If you think it's missing something important, you could submit a PR on that file, including the missed files...

One could perhaps argue that root.hints, being required for the functioning of a recursive server, should also be backed up: after all, I started applying my "keep.d" workaround when I noticed that unbound was unresponsive right after an AUC/owut upgrade which, supposedly, should have covered everything. I'm not 100% sure about this, however.

On the other hand, the decision to split unbound_srv.conf into smaller files (unbound_srv-*.conf) was my choice and could at best be a new feature to add. Do you believe it would be a good idea to recommend such a split and have these files be saved by default?

If you feel it makes for a better package, you should open an issue on the packages repo and tag the maintainer to get a discussion going...

So, if I understand it correctly, having unbound-daemon installed means I do NOT have to do the Keep trick, right?

Anyway, here is my PR as a draft, while I figure out the build process :slight_smile:

Correct. The unbound-daemon package explicitly lists these files for save/restore:

/etc/config/unbound
/etc/unbound/unbound.conf
/etc/unbound/unbound_ext.conf
/etc/unbound/unbound_srv.conf

And further, if you have installed any of the packages from reverse-depends (listed in post #4 of this thread, by efahl), then you've already got unbound-daemon and should see them in the upgrades:

$ cat /lib/upgrade/keep.d/unbound-daemon
... same list as above ...

I have the following packages related to unbound:

libunbound
luci-app-unbound
unbound-checkconf
unbound-daemon

but no /lib/upgrade/keep.d/unbound* exists, weird!

That's very odd. The makefile section that defines the conffiles backup has been there for like 10 years, so it's not like it should be in some newer versions and not yours...

I checked even under /rom, no go. Although I have been using OpenWrt for longer than that, this specific installation on the 4040 is from 2019 and unbound was first added in 2020. Recent upgrades have been done first with AUC, then with owut (that is, extra packages are baked in)

EDIT: separate thread for build issues with SDK

@efahl maybe the "main" configs are automatically recognized as such and do not require special handling in keep.d? I have just finished building my r2 of the current package and indeed /lib/upgrade/keep.d/unbound-daemon only has my two additions, nothing else.

The PR is likely not going anywhere in its current form but thanks anyways for the assistance, much appreciated :slight_smile:

Indeed you are right, there's this, which grabs everything in /etc/config:

$ grep 'etc.config' -r /lib/upgrade/
/lib/upgrade/keep.d/base-files:/etc/config/
...